최신 GSNA 무료덤프 - GIAC Systems and Network Auditor

문제1

TCP/IP stack fingerprinting is the passive collection of configuration attributes from a remote device during standard layer 4 network communications. The combination of
parameters may then be used to infer the remote operating system (OS fingerprinting), or incorporated into a device fingerprint. Which of the following Nmap switches can be used to perform TCP/IP stack fingerprinting?

A. nmap -sU -p

B. nmap -sT

C. nmap -sS

D. nmap -O -p

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제2

You work as a Network Administrator for XYZ CORP. The company has a Windows-based network. You are concerned about the vulnerabilities existing in the network of the company. Which of the following can be a cause for making the network vulnerable? (Choose two)

A. Use of uncommon code

B. Use of well-known code

C. Explanation:
In computer security, the term vulnerability is a weakness which allows an attacker to reduce a system's Information Assurance. A computer or a network can be vulnerable due to the following reasons: Complexity: Large, complex systems increase the probability of flaws and unintended access points. Familiarity: Using common, well-known code, software, operating systems, and/or hardware increases the probability an attacker has or can find the knowledge and tools to exploit the flaw. Connectivity: More physical connections, privileges, ports, protocols, and services and time each of those are accessible increase vulnerability. Password management flaws: The computer user uses weak passwords that could be discovered by brute force. The computer user stores the password on the computer where a program can access it. Users re-use passwords between many programs and websites. Fundamental operating system design flaws: The operating system designer chooses to enforce sub optimal policies on user/program management. For example, operating systems with policies such as default permit grant every program and every user full access to the entire computer. This operating system flaw allows viruses and malware to execute commands on behalf of the administrator. Internet Website Browsing: Some Internet websites may contain harmful Spyware or Adware that can be installed automatically on the computer systems. After visiting those websites, the computer systems become infected and personal information will be collected and passed on to third party individuals. Software bugs: The programmer leaves an exploitable bug in a software program. The software bug may allow an attacker to misuse an application. Unchecked user input: The program assumes that all user input is safe. Programs that do not check user input can allow unintended direct execution of commands or SQL statements (known as Buffer overflows, SQL injection or other non-validated inputs).

D. Use of uncommon software

E. Use of more physical connections

정답: B,C,E

설명: (DumpTOP 회원만 볼 수 있음)

문제3

You work as the Network Administrator for XYZ CORP. The company has a Linux-based network. You are a root user on the Red Hat operating system. You want to see first five lines of the file /etc/passwd. Which of the following commands should you use to accomplish the task?

A. tail -n 5 /etc/passwd

B. head /etc/passwd

C. head 5 -n /etc/passwd

D. head -n 5 /etc/passwd

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제4

John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He wants to use Kismet as a wireless sniffer to sniff the We-are-secure network. Which of the following IEEE-based traffic can be sniffed with Kismet?

A. 802.11a

B. 802.11b

C. 802.11g

D. 802.11n

정답: A,B,C,D

설명: (DumpTOP 회원만 볼 수 있음)

문제5

You are concerned about rootkits on your network communicating with attackers outside your network. Without using an IDS how can you detect this sort of activity?

A. You cannot, you need an IDS.

B. By examining your firewall logs.

C. By setting up a DMZ.

D. By examining your domain controller server logs.

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제6

You work as the Network Administrator for XYZ CORP. The company has a Unix-based network. You want to see the local device files or 'links to device files' for a non-standard device driver. Which of the following Unix configuration files should you use to accomplish the task?

A. /dev/MAKEDEV

B. profile

C. /etc/aliases

D. /etc/bootptab

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제7

John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He has successfully completed the following pre-attack phases while testing the security of the server: Footprinting Scanning Now he wants to conduct the enumeration phase. Which of the following tools can John use to conduct it?

A. WinSSLMiM

B. UserInfo

C. PsPasswd

D. PsFile

정답: B,C,D

설명: (DumpTOP 회원만 볼 수 있음)

문제8

Which of the following are HTML tags, used to create a table?

A. <TT>

B. <TD>

C. <SET TABLE>

D. Explanation:
In Hypertext Markup Language (HTML), a table is created using the <TABLE>, <TR>, and <TD> tags. The <TABLE> tag designs the table layout, the <TR> tag is used to create a row, and the <TD> tag is used to create a column. For example, the following code generates a table with two rows and two columns:
<TABLE BORDER=1> <TR> <TD>Cell 1</TD> <TD>Cell 2</TD> </TR> <TR> <TD>Cell 3</TD> <TD>Cell 4</TD> </TR> </TABLE>

E. <TABLE SET>

F. <TR>

G. <TABLE>

정답: B,D,F,G

설명: (DumpTOP 회원만 볼 수 있음)

문제9

Which of the following statements are true about security risks? (Choose three)

A. They can be removed completely by taking proper actions.

B. They are considered an indicator of threats coupled with vulnerability.

C. They can be mitigated by reviewing and taking responsible actions based on possible risks.

D. They can be analyzed and measured by the risk analysis process.

정답: B,C,D

설명: (DumpTOP 회원만 볼 수 있음)

문제10

Mark works as a Network Administrator for NetTech Inc. The company has a Windows 2003 Active Directory domain-based network. The domain consists of a domain controller, two Windows 2003 member servers, and one hundred client computers. The company employees use laptops with Windows XP Professional. These laptops are equipped with wireless network cards that are used to connect to access points located in the Marketing department of the company. The company employees log on to the domain by using a user name and password combination. The wireless network has been configured with WEP in addition to 802.1x. Mark wants to provide the best level of security for the kind of authentication used by the company. What will Mark do to accomplish the task?

A. Use IPSec

B. Use MD5

C. Use EAP-TLS

D. Use PEAP

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제11

John works as a Network Administrator for Perfect Solutions Inc. The company has a Linux-based network. John is working as a root user on the Linux operating system. He has recently backed up his entire Linux hard drive into the my_backup.tgz file. The size of the my_backup.tgz file is 800MB. Now, he wants to break this file into two files in which the size of the first file named my_backup.tgz.aa should be 600MB and that of the second file named my_backup.tgz.ab should be 200MB. Which of the following commands will John use to accomplish his task?

A. split --verbose -b 200m my_backup.tgz my_backup.tgz

B. split --verbose -b 600m my_backup.tgz my_backup.tgz

C. split --verbose -b 200m my_backup.tgz my_backup.tgz

D. split --verbose -b 600m my_backup.tgz my_backup.tgz

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

최신 GSNA 무료덤프 - GIAC Systems and Network Auditor

우리와 연락하기

유용한 링크

최신 업데이트